Log in

We are pleased to welcome this week Etienne Rivière from the University of Neuchâtel (Switzerland). He will give a talk on Wednesday, January 18 at 16:30 in room Crête (F402, red level).

Title: Efficient confidentiality preservation for cloud-supported 
content-based publish/subscribe

Content-based publish/subscribe is an appealing paradigm for composing dynamic sets of applications and services running over multiple administrative domains. This communication model allows for decoupled communication, where producers of content, or publishers, send pieces of information to a middleware system in charge of filtering and forwarding them to interested consumers. These consumers are called subscribers and express their interest for data by means of subscriptions, which are essentially filters on the actual content of information items. Public clouds are particularly attractive for hosting publish/subscribe communication services on always-on, easily-reachable and cost-effective resources. However, trust towards public cloud providers can only be limited: data manipulated and stored in the clear is at risk of falling in the wrong hands, either of malicious operators or of other clients exploiting collocation attacks. The nature of publications and subscriptions often reveal important intelligence about the nature of the application and the intents of its users. Confidentiality-preserving publish/subscribe has recently emerged as a solution to protect the confidentiality of this data, while still allowing filtering operations to take place. These specialized encryption schemes allow deciding on the result of the filtering operation without revealing the content of publications and subscriptions in the clear. In this talk, I will present a representative example of confidentiality-preserving publish/subscribe system, and highlight some practical concerns. In particular, I will present how the inherent complexity and overhead of encrypted matching can be mitigated through the embedding of incomplete but efficient filtering information and the use of a pre-filtering phase. Then, I will discuss solutions to deal with the update of encrypted information in the event of a key update. I will highlight some interesting challenges in the field as a conclusion.

Etienne’s personal page: http://members.unine.ch/etienne.riviere